$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/5BE68D46CF7611ED85A2E84EC4F9AE02.roa File: 5BE68D46CF7611ED85A2E84EC4F9AE02.roa (raw, json) Hash identifier: A8T7YjH39HJyHv4+0kwSd5uPkQBOd5K3P7X281GuTgs= Subject key identifier: 4A:97:7E:28:B0:FA:D0:8B:E6:AF:91:DD:1A:FF:11:F2:AB:16:D4:14 Certificate issuer: /CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1 Certificate serial: 05BA Authority key identifier: E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1 Authority info access: rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/5BE68D46CF7611ED85A2E84EC4F9AE02.roa Signing time: Fri 12 Jul 2024 17:54:58 +0000 ROA not before: Fri 12 Jul 2024 17:54:58 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 136907 IP address blocks: 189.1.192.0/18 maxlen: 18 189.1.192.0/20 maxlen: 20 189.1.208.0/20 maxlen: 20 189.1.224.0/20 maxlen: 20 189.1.240.0/20 maxlen: 20 189.28.96.0/20 maxlen: 20 189.28.112.0/20 maxlen: 20 190.92.248.0/24 maxlen: 24 190.92.249.0/24 maxlen: 24 190.92.250.0/24 maxlen: 24 190.92.251.0/24 maxlen: 24 190.92.252.0/24 maxlen: 24 190.92.253.0/24 maxlen: 24 190.92.254.0/24 maxlen: 24 201.77.32.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.mft rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 Aug 2024 14:50:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1466 (0x5ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678/serialNumber=E243F3BE825569BB16ACB374BC98DABE690B17C1 Validity Not Before: Jul 12 17:54:58 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66916df2-af6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7c:6c:a1:54:03:51:04:30:3d:9d:d9:d9:0e: b9:53:bd:ea:8c:43:98:a8:a9:9e:a7:2f:07:18:7c: 8e:72:cb:91:da:c7:44:da:5e:d3:68:b8:b6:0b:62: 26:d1:c0:94:67:92:09:f0:b2:b4:ed:1f:d1:83:a2: aa:37:95:9b:b0:ef:b9:fa:a5:14:c6:ac:4e:1f:42: 77:de:a2:8a:07:5c:97:77:64:99:88:cd:9a:2d:18: f4:e9:10:d3:06:0f:54:15:e7:a2:57:64:a9:9b:bf: f9:91:ff:25:9b:fb:2f:0d:fb:84:8d:89:32:68:9c: b8:c9:16:a5:f8:c4:d3:db:25:2c:8d:6d:33:1a:2e: f4:e9:fe:32:60:95:18:5d:72:31:55:7e:a1:be:03: 92:bf:9a:80:68:13:99:21:78:b9:28:0e:2b:6d:3b: 09:30:87:e2:b1:34:4f:99:f2:85:c9:ad:a6:a4:c2: 66:6d:fd:66:53:b2:1f:4f:34:6e:aa:cf:36:ac:71: 71:f0:65:f7:bb:f2:b1:96:49:89:74:79:67:79:f9: 74:ab:b7:27:ed:e7:7f:da:e6:7f:32:a6:8c:a1:03: 67:ba:f2:e6:7c:08:66:82:1f:cd:a4:52:0f:57:c2: a8:3b:d4:fe:32:81:03:14:a0:71:1f:34:e4:25:63: 85:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:97:7E:28:B0:FA:D0:8B:E6:AF:91:DD:1A:FF:11:F2:AB:16:D4:14 X509v3 Authority Key Identifier: keyid:E2:43:F3:BE:82:55:69:BB:16:AC:B3:74:BC:98:DA:BE:69:0B:17:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/4kPzvoJVabsWrLN0vJjavmkLF8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/4kPzvoJVabsWrLN0vJjavmkLF8E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/B897C582A19C11EB92A2DF29C4F9AE02/5BE68D46CF7611ED85A2E84EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 189.1.192.0/18 189.28.96.0/19 190.92.248.0-190.92.254.255 201.77.32.0/20 Signature Algorithm: sha256WithRSAEncryption 2d:00:ac:ab:1e:fa:2f:62:90:5b:ee:65:49:c4:99:1e:20:3a: 65:ca:ef:94:61:da:81:43:01:58:71:80:dd:cb:a2:ea:42:45: ff:41:6c:e7:ad:61:26:68:9d:48:6b:af:27:1e:ec:04:e2:24: 52:8f:d9:b6:5a:ce:80:2a:d6:9b:35:95:97:16:cb:2f:22:ba: f8:cb:b4:69:8b:1b:03:a1:c2:c3:52:89:9f:20:ab:ee:20:2b: 6b:9a:d7:af:ee:58:c8:70:eb:0e:95:09:66:fd:03:06:dd:0e: fc:08:33:30:3b:54:d8:5e:fc:a5:04:a8:c4:db:03:73:7a:bd: 87:d3:a0:8d:8c:a6:d5:02:1c:72:e0:fe:b9:e6:80:5f:22:45: de:66:7c:74:a0:4d:69:16:48:07:1d:d6:58:09:42:0c:5f:ac: 06:78:9e:56:8a:77:09:f5:ad:9e:93:99:c0:df:cb:22:8f:0d: eb:22:c0:37:6f:16:ba:da:5c:5b:57:d1:73:7e:c4:e7:91:f0: 12:7e:8d:62:50:37:8e:be:e2:29:f4:26:96:05:52:ce:d2:ea: 68:57:da:f5:f3:bb:1c:80:cf:a6:0f:a5:f2:13:00:bd:7a:13: 60:10:97:a0:05:77:31:5f:51:47:9e:df:70:2f:56:c3:ab:8d: 33:ee:fe:04 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICBbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKEUyNDNGM0JFODI1NTY5QkIxNkFDQjM3NEJDOThEQUJF NjkwQjE3QzEwHhcNMjQwNzEyMTc1NDU4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjkxNmRmMi1hZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2HxsoVQDUQQwPZ3Z2Q65U73qjEOYqKmepy8HGHyOcsuR2sdE2l7TaLi2C2Im 0cCUZ5IJ8LK07R/Rg6KqN5WbsO+5+qUUxqxOH0J33qKKB1yXd2SZiM2aLRj06RDT Bg9UFeeiV2Spm7/5kf8lm/svDfuEjYkyaJy4yRal+MTT2yUsjW0zGi706f4yYJUY XXIxVX6hvgOSv5qAaBOZIXi5KA4rbTsJMIfisTRPmfKFya2mpMJmbf1mU7IfTzRu qs82rHFx8GX3u/KxlkmJdHlnefl0q7cn7ed/2uZ/MqaMoQNnuvLmfAhmgh/NpFIP V8KoO9T+MoEDFKBxHzTkJWOFKQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFEqXfiiw +tCL5q+R3Rr/EfKrFtQUMB8GA1UdIwQYMBaAFOJD876CVWm7FqyzdLyY2r5pCxfB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CODk3QzU4MkEx OUMxMUVCOTJBMkRGMjlDNEY5QUUwMi80a1B6dm9KVmFic1dyTE4wdkpqYXZta0xG OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0QTFCRUE2MUQ2NjExRTJCMkNEOEI3Qzcy RkQxRkYyLzRrUHp2b0pWYWJzV3JMTjB2Smphdm1rTEY4RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U2NzgvQjg5N0M1ODJBMTlDMTFFQjkyQTJERjI5QzRGOUFFMDIvNUJFNjhENDZD Rjc2MTFFRDg1QTJFODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAa9AcADBAW9HGAwDAMEA75c+AMEAL5c/gMEBMlNIDANBgkq hkiG9w0BAQsFAAOCAQEALQCsqx76L2KQW+5lScSZHiA6ZcrvlGHagUMBWHGA3cui 6kJF/0Fs561hJmidSGuvJx7sBOIkUo/ZtlrOgCrWmzWVlxbLLyK6+Mu0aYsbA6HC w1KJnyCr7iAra5rXr+5YyHDrDpUJZv0DBt0O/AgzMDtU2F78pQSoxNsDc3q9h9Og jYym1QIccuD+ueaAXyJF3mZ8dKBNaRZIBx3WWAlCDF+sBnieVop3CfWtnpOZwN/L Io8N6yLAN28WutpcW1fRc37E55HwEn6NYlA3jr7iKfQmlgVSztLqaFfa9fO7HIDP pg+l8hMAvXoTYBCXoAV3MV9RR57fcC9Ww6uNM+7+BA== -----END CERTIFICATE-----Generated at Fri Jul 26 18:53:16 2024 by rpki-client on console-ams.rpki-client.org